जब से मैं विभिन्न वेबसाइटों पर संपर्क प्रपत्र की स्थापना मैं स्पैम का एक धीरे-धीरे बढ़ती मात्रा लिया है। नहीं प्रत्यक्ष स्पैम मुझे भेजी गई, लेकिन न के बराबर पतों spamme किया जा रहा थे से बाउंस, apparently from my address. Unfortunately the spam wasn’t originating from my address, लेकिन मेरा पता किसी न किसी तरह उठाया गया था (शायद मैं इस साइट पर संपर्क रूपों सुरक्षित पहले से) and was being used as the “reply to” address. After some investigation I heard about SPF which is an e‑mail anti-forgery system.
अगर मैं अपने डोमेन नाम पर एक एसपीएफ़ रिकॉर्ड बनाया (which I use as my primary e‑mail) then mail servers that support SPF will check that any e‑mail they receive with my address as the “from” or “reply to” address did actually come from my mail server. If it didn’t the server will clearly identify the mail as spam and will discard it without sending me an annoying bounce message. DKIM is similar and effectively aims to achieve the same thing. Finally, DMARC is a new system which standardises the behaviour of both SPF and DKIM and also generates reports of any e‑mails which are not delivered instead of you getting bounce messages. No system is perfect but DMARC (and therefore DKIM and SPF) are supported by Yahoo, एओएल, माइक्रोसॉफ्ट, Facebook and Google. Between them they account for a large proportion of the e‑mail “market” so to speak.
कैसे विस्थापित करने के लिए डीएनएस provider to Amazon Route 53
आप एक जरूरत जा रहे हैं डीएनएस provider (in most cases your registrar) that supports SPF, DKIM and DMARC records. Mine (123-reg) doesn’t support DKIM so I decided I would have to look to move. However, मैं अतीत के लिए 123-reg के साथ बहुत खुश किया गया है 9 years and moving to a new registrar didn’t appeal. Instead I decided to simply move my डीएनएस servers to a different डीएनएस provider. Amazon provide a डीएनएस service as one of their web services called “Route 53”. Whilst this isn’t free it is based on a “pay for what you use” model, and I anticipate it costing me under £10 a year. As an added bonus Amazon’s डीएनएस service is much faster than that of a typical registrar and so will speed up site access times.
- Sign up for Amazon web services. You will have to provide a credit card, and verify your ID — in my case I did this by automated phone call which took under 1 minute
- करने के लिए लॉग इन करें AWS Management Console
- Click on the link in the AWS console to open the मार्ग 53 कंसोल
- Create a “hosted zone” for your domain
- Go to the record sets of the hosted zone
- In a new window (या टैब) log in to your current registrar and have a look at your existing डीएनएस अभिलेख.
- Switch back to Route 53
- Create any डीएनएस प्रविष्टियों आप की जरूरत है, probably by duplicating what you see in your current settings with your registrar
- का एक नोट बनाएँ 4 name servers (टाइप एन एस)
- Switch back to your registrar’s control panel / console and change your name servers to the 4 आप में से एक नोट बनाया #6.
This should complete the basic डीएनएस migration from your registrar to Amazon Route 53. It might take up to 48 hours to fully propagate through the डीएनएस system but I found it was almost instant for me. As long as you created all the records you need (probably by duplicating what you had set up previously on your registrar) you shouldn’t see any interruption of service.
एसपीएफ की स्थापना, DKI रूट पर dmarney करने के लिए 53 for Google Apps e‑mail
I manage my e‑mail through Google Apps. Setting up e‑mail authentication on Google apps is fairly straightforward.
- सुनिश्चित करें कि आप मार्ग में लॉग इन किया है 53, and open the hosted zone for the domain you wish to create records for
- You will create 4 records — 2 एसपीएफ़, 1 DKI 1 DMARC. 1 SPF record will be a special “SPF” type of record, the other 3 प्रकार सभी TXT रिकॉर्ड हो जाएगा
- Both SPF records will contain the text “v=spf1 include:_spf.google.com ‑all”, including the ” marks. Remember to set one as type TXT and one as type SPF
- The DMARC record will have the value “v=DMARC1; पी = संगरोध; पीसीटी = 100; रुआ = mailto:you@your-domain.com", and will have the name _dmarc. Make sure you change you@your-domain.com to the address you want DMARC reports sent to. You can also change some of the properties, वहां एक है गूगल द्वारा मार्गदर्शन which will help you decide what properties you wish to use.
- अंत में, the DKIM record is the most complicated and requires some information from google which is specific to your domain…
- Log in to your google domain administrator panel at https://www.google.com/a/cpanel/प्राथमिक-डोमेन नाम — remember to change प्राथमिक-डोमेन नाम अपने डोमेन नाम के लिए
- Click on “advanced tools” and scroll down to the bottom, and click on “Set up email authentication (DKIM)"
- Make sure the correct domain is selected in the pull-down box (you probably only have 1 डोमेन) and click on “generate new record”
- Enter a prefix if you want one — I just used “google” and click generate
- In the box that displays there is the record you need to enter at your registrar along with the hostname
- TXT रिकॉर्ड मूल्य कॉपी और का एक नोट बनाने डीएनएस होस्ट नाम
- Switch back to Route 53
- Create the final (4वें) new record — give it the name of the डीएनएस Host Name you made a note of. Give it the value you copied from the TXT record value — remember to put the value inside “” marks
- Wait a few minutes and then click “Start Authentication”. If successful you’ll see “Status: Authenticating email"
- आप अप करने के लिए इंतजार करना पड़ सकता 24 के लिए घंटों डीएनएस to propagate so that you can start authentication, but generally it should happen pretty quickly
For another take on this process I recommend 2 articles by Christopher Maish — the first on एसपीएफ और DKI, पर दूसरी DMARC. सौभाग्य!
“Hi James I realise it has been a long while, but I just checked this on windows 11 (build 23H2)…”